The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-08-03T01:20:58.782Z
Reserved: 2022-11-03T09:31:03.480Z
Link: CVE-2022-3847

No data.

Status : Modified
Published: 2022-11-28T14:15:17.110
Modified: 2024-11-21T07:20:21.560
Link: CVE-2022-3847

No data.